[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: speaking of keys

To: Henry Spencer <henry@xxxxxxxxxxxxx>
Subject: Re: speaking of keys
From: Stephen Kent <kent@xxxxxxx>
Date: Thu, 19 Dec 2002 17:26:24 -0500
Cc: IP Security List <ipsec@xxxxxxxxxxxxxxxxx>
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 3:53 PM -0500 12/9/02, Henry Spencer wrote:

On Fri, 6 Dec 2002, Stephen Kent wrote:

 I don't have a problem with a MAY for bigger groups, but I really
 think it is most appropriate to focus on the management facility to
 allow user communities to select their own, of whatever size they
 feel is appropriate.


While I have some sympathy with that, historically IPsec has suffered
badly from an excess of useless flexibility, an unwillingness to make
decisions among largely-equivalent alternatives, and an inability to set
clear standards even when they are crucial to interoperability.

If we think one choice is definitely preferable in most cases, but
specific users may have reasons to prefer another, we have a word for
that:  not MAY, but SHOULD.

And as a matter of basic principle, the default should be good security,
with an option to weaken it when necessary, not poor security with an
option to upgrade it.

Henry,

I agree that we don't want default key lengths that are so short as to be unacceptably weak, nor do we want lengths that are so long as to discourage use of the technology. Over time, Moore's Law will allow us to increase the key length and not suffer as much, so we know the long term trend and we are probably wrangling over the details of what is the right size, not the principles.

I also am very much in agreement with the notion of not making things more complex. However, I see a need to allow private groups to be specified by user communities, and Hugo even noted why this has potential security benefits. We have had a provision for passing private group params, and that adds complexity of one sort. I'd be happy if we omitted support that approach, and instead mandated management support for entering private group params and then just use a compact reference (e.g., an OID) to specify the private groups. I would not expect most users to make use of this capability, but sophisticated user communities could use this facility and it might even provide us with an out re the debate over the right group sizes, although I don't yet have a good proposal of how to do that.

Steve

References:
- Re: speaking of keys
  - From: Henry Spencer

Prev by Date: Re: Secure legacy authentication for IKEv2
Next by Date: Re: speaking of keys
Previous by thread: Re: speaking of keys
Next by thread: Re: speaking of keys
Index(es):
- Date
- Thread